A large, national mutual savings and loan association, founded in 1971, is in the business of providing financial services to help families begin saving for large purchases. Today, the organization processes transactions for hundreds of thousands of clients.
PHISHING: INTRICATE ATTACKS, GLOBAL THREAT
In 2013, banking isn’t just physical branches; it also entails offering services to customers to bank online. Online banking platforms are under constant assault, and “phishing attacks” are one of the most common schemes perpetrated. These robberies are perpetrated by cybercriminals, who seek to defraud customers through the use of cloned websites that mimic the online banking portals of well-known financial institutions. Customers think they are using the legitimate bank website and enter their user name and password, which criminals record with keylogger malware. Later, these thieves can use the stolen credentials to impersonate the banking customer and remove money from the account.
Meanwhile, the financial institution grew hand in hand with the global market and implemented mobile banking for several years, although it was only used for general consultations, not banking transactions. Willing to spread this service to all their customers so that they could take full advantage of the benefits of mobile banking, the financial institution made the decision to enable this channel to all their users. But security concerns limited the services delivered through this channel.
The institution was looking for cost-effective yet ironclad security for electronic banking channels that could be implemented swiftly and without service interruptions or complicated installation procedures.
EASY SOLUTIONS: SECURITY THROUGH FLEXIBLE AUTHENTICATION
After assessing the merits of different electronic security providers, the financial institution chose to go with Easy Solutions’ DetectID strong authentication solution. DetectID provides an adaptable authentication platform that supports all transactional channels and also integrates with existing legacy authentication systems, slashing installation and deployment times and unifying multi-channel application authentication.
Working at the device level, DetectID captures hardware-specific information that is used to feed a proprietary algorithm, defining a unique fingerprint for each machine used to access an online banking portal. In addition to device authentication, DetectID offers a variety of other authentication factors including grid cards, challenge questions, security images, and one-time passwords delivered through physical tokens, mobile tokens, and out-of-band e-mail or SMS.
SIMPLE MULTI-FACTOR CROSS-CHANNEL AUTHENTICATION
Originally, the financial institution conceived of a multi-factor authentication security plan using tokens and a one-time password that would have to be entered upon logging into the company’s banking website. But once the institution took a look at the DetectID authentication platform, they were convinced that it was the security solution that fit their needs. Unlike other authentication solutions that charge a fee for each different authentication factor and type of channel covered, DetectID simply charges by the user, meaning that any license purchased to use DetectID is valid for as many authentication factors and transactional channels that a financial institution may wish to use it for.
The institution also liked the Easy Solutions method for implementing the authentication solution, which is oriented towards accommodating the customer. This translates into a hands-on approach for installing DetectID, with the Easy Solutions team of engineers in constant contact through the implementation, and requiring no service interruptions or complicated changes to the web architecture of the online banking platform. “With a quick turnaround time, we were able to see immediate results, and are satisfied to work with a security vendor that shares our proactive vision of preventing fraud before it happens, as opposed to only reacting after an attack has already been launched,” said a spokesperson from the institution.
In addition to being satisfied with the strong authentication offered by DetectID, the financial institution is pleased that Easy Solutions has a comprehensive vision for combating electronic fraud. They have since purchased a license for Detect Monitoring Service (DMS), an Easy Solutions fraud prevention product that monitors every incoming visitor connection to a transactional portal in real time. Not only does DMS detect incoming attacks, but it also boasts industry-leading takedown times for disabling attacks that are already in progress, keeping money in customer accounts where it belongs. The Total Fraud Protection® strategy from Easy Solutions is a multi-layered product portfolio focused on the comprehensive detection and prevention of electronic fraud across all devices, channels and clouds, offering a one-stop shop for multiple fraud prevention services.